首先在web.xml中配置,配置方法與字符攔截器大同小異,配置如下:
<!-- 使用filter實現登錄控制 --> <filter> <filter-name>SessionFilt</filter-name> <filter-class>com.ed.web.admin.action.LoginFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>utf-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>SessionFilt</filter-name> <url-pattern>要攔截的頁面</url-pattern> </filter-mapping>
和普通過濾器配置沒什么區別,就是多了兩個初始化參數,兩個參數的作用分別是:
encoding----->用來指定一個具體的字符集
forceEncoding------->Spring的早期版本這個參數作用很單一,當request中已經被指定了一個字符集的時候是否再將用 endcoding對應的字符集設置到request中去。舉個例子來說明,假如說過濾器就像上面 那樣被配置到web.xml了,當請求 被提交之后,過濾器會判斷request.getCharacterEncoding()是否為null,如果是null那么就會進行 request.setCharacterEncoding("UTF-8")的操作,如果不是null那么過濾器什么也不會做。
看下攔截后的具體邏輯:
public class LoginFilter implements Filter { private String excludedPaths; private String [] excludedPathArray; @Override public void destroy() { // TODO Auto-generated method stub } @Override public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { // TODO Auto-generated method stub HttpServletRequest request = (HttpServletRequest)arg0; HttpServletResponse response = (HttpServletResponse)arg1; HttpSession session = request.getSession(); //需要放行的路徑 if( request.getRequestURI().indexOf("/admin/login")!= -1 ||request.getRequestURI().indexOf("/pac/ky")!= -1 ||request.getRequestURI().indexOf("/pac/yh")!= -1 ||request.getRequestURI().indexOf("/pac/yn")!= -1 ||request.getRequestURI().indexOf("/pac/yn")!= -1){ arg2.doFilter(arg0, arg1); } else{ if(session.getAttribute("loginUser")==null ){ response.sendRedirect(request.getContextPath()+"/timeout.jsp"); }else { arg2.doFilter(arg0, arg1); } } } @Override public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub } }